2828 matches found
Stash Security Vulnerability
Stash is an open source self-hosted web application written in Go by stashapp. A security vulnerability exists in Stash version v0.25.1, which stems from an SQL injection vulnerability in the sort parameter...
Projectworlds Online Examination System Security Vulnerability
Projectworlds Online Examination System is an online examination system from Projectworlds India. A security vulnerability exists in Projectworlds Online Examination System v1.0, which stems from an SQL injection vulnerability in the subject parameter of the feed.php page...
Simple Online Bidding System SQL Injection Vulnerability
Simple Online Bidding System is an online bidding system by the individual developer oretnom23. A SQL injection vulnerability exists in Simple Online Bidding System version 1.0, which stems from manipulation of the username parameter that can lead to SQL injection...
CVE-2024-7639
A vulnerability classified as critical was found in SourceCodester Kortex Lite Advocate Office Management System 1.0. This vulnerability affects unknown code of the file deleteact.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit ha...
SourceCodester Daily Calories Monitoring Tool Security Vulnerability
SourceCodester Daily Calories Monitoring Tool is a daily calories monitoring tool from SourceCodester. A security vulnerability exists in the v1.0 version of SourceCodester Daily Calories Monitoring Tool, which stems from an SQL injection vulnerability in the delete-calorie.php page...
PT-2024-38492 · Sourcecodester · Sourcecodester Car Driving School Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Car Driving School Management System version 1.0 Description: A critical issue has been discovered, allowing for SQL injection through the manipulation of the id argument in an unknown function of the file view details.php. Thi...
WordPress Slider by 10Web plugin <= 1.2.57 - Authenticated (Contributor+) SQL Injection via id Parameter vulnerability
Authenticated Contributor+ SQL Injection via id Parameter vulnerability discovered by Arkadiusz Hydzik in WordPress Plugin Slider by 10Web versions <= 1.2.57...
PT-2024-38414 · WordPress · Learnpress
Name of the Vulnerable Software and Affected Versions: LearnPress – WordPress LMS Plugin versions up to, and including, 4.2.6.9.3 Description: The issue is related to time-based SQL Injection via the order parameter due to insufficient escaping on the user-supplied parameter and lack of sufficien...
CVE-2024-7498
A vulnerability was found in itsourcecode Airline Reservation System 1.0. It has been classified as critical. Affected is the function login/login2 of the file /admin/login.php of the component Admin Login Page. The manipulation of the argument username leads to sql injection. It is possible to...
PT-2024-5584
Name of the Vulnerable Software and Affected Versions: Django versions 4.2 through 4.2.14; Django versions 5.0 through 5.0.7 Description: The issue is related to SQL injection in the QuerySet.values() and values_list() methods on models with a JSONField. This vulnerability can be exploited by passing a...
CVE-2024-7449
A vulnerability, which was classified as critical, was found in itsourcecode Placement Management System 1.0. Affected is an unknown function of the file login.php. The manipulation of the argument email leads to sql injection. It is possible to launch the attack remotely. The exploit has been...
PT-2024-38364 · Sourcecodester · Sourcecodester Clinics Patient Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Clinics Patient Management System version 1.0 Description: A critical issue has been found in the function patient name of the file patients.php, leading to sql injection. The attack may be launched remotely. This issue may...
Ticket Reservation System SQL Injection Vulnerability
Ticket Reservation System is an open source ticket reservation system from itsourcecode. Ticket Reservation System version 1.0 has a SQL injection vulnerability, which stems from the prefSeatid parameter of the listtickets.php file...
PT-2024-38292 · Sourcecodester · Sourcecodester Tracking Monitoring Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Tracking Monitoring Management System version 1.0 Description: A critical issue was found in the system, affecting the /ajax.php?action=save establishment file. The manipulation of the id argument leads to SQL injection. The...
SourceCodester Tracking Monitoring Management System SQL Injection Vulnerability
SourceCodester Tracking Monitoring Management System is a monitoring management system from SourceCodester Inc. A SQL injection vulnerability exists in SourceCodester Tracking Monitoring Management System version 1.0, which originates from an SQL injection vulnerability in the id parameter of the...
PT-2024-38228 · Sourcecodester · Sourcecodester Lot Reservation Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Lot Reservation Management System version 1.0 Description: A critical issue was found in the system, affecting the file /admin/ajax.php?action=login. The manipulation of the username argument leads to sql injection. This issue...
Simopro Technology WinMatrix3 SQL Injection Vulnerability
Simopro Technology WinMatrix3 is an IT resource management system for enterprise-class computer asset management, endpoint security control and IT operations management. Simopro Technology WinMatrix3 suffers from a SQL injection vulnerability that stems from a lack of proper validation of user...
Society Management System SQL Injection Vulnerability
Society Management System is an open source society management system from itsourcecode. A SQL injection vulnerability exists in Society Management System version 1.0, which stems from manipulation of the expensesid parameter that can lead to SQL injection...
PT-2024-11629 · Dropbox · Dropbox
Name of the Vulnerable Software and Affected Versions: Dropbox affected versions not specified Description: The issue concerns a SQL injection vulnerability. No specific details about the vulnerability, affected devices, or real-world incidents are provided. Recommendations: At the moment, there ...
PT-2024-38084 · Unknown · Tianchoy/Blog
Name of the Vulnerable Software and Affected Versions: Tianchoy Blog versions up to 1.8.8 Description: A critical issue has been found, affecting an unknown part of the file /so.php. The manipulation of the search argument leads to sql injection. It is possible to initiate the attack remotely. Th...